I’m not finding any information online other than that it’s difficult

  • gnuhaut@lemmy.ml
    link
    fedilink
    arrow-up
    11
    arrow-down
    1
    ·
    3 days ago

    Anti cheat software tries to find cheats running on the computer, and in order to that, so called kernel-level anticheat hooks into NT (Windows kernel) internals, and runs at the highest possible privilege level. It has to do that so it can monitor everything going on in the system. If it didn’t do that, the cheat could just hide from the anticheat software by running with superior privileges.

    Wine does not implement undocumented/internal parts of NT, and neither does it run at an elevated privilege level. It also cannot realistically implement any and all possible NT kernel internals, and it cannot possibly hide the fact that it’s actually wine, and not real Windows, from any program that really wants to figure this out.

    If wine tried to implement a specific workaround for a specific anti-cheat software/version, in order to it trick into thinking it’s running on a real Windows system with elevated privileges, the anti-cheat vendor would likely interpret this as a kind of deception, and they could easily update their software to detect this situation.

    Theoretically, anti-cheat vendors could do kernel-level anticheat for the Linux kernel specifically if the game runs on Linux, but this has problems: First of all a general backlash and complete lack of cooperation from the Linux community (btw, Microsoft isn’t too happy about them doing this on Windows either, and they might at some point do something about this, since it’s bad for security and stability). Also, Linux kernel internals aren’t at all stable, and so just practically you cannot hook into the Linux kernel nearly as easily as you can into NT.

    Some anti-cheat vendors do support Linux though, but only optionally if the game dev allows that. In practice, this just means many checks will just be disabled on Linux, which is presumably why many games do not enable the Linux support.

    tl;dr: No. Only the anti-cheat vendor / game dev can realistically fix the situation, and they may not want to because it’ll be worse at actually detecting cheats on Linux in practice.

  • Eugenia@lemmy.ml
    link
    fedilink
    English
    arrow-up
    39
    ·
    4 days ago

    No, forget anticheat games. It’s not possible to create a “fake” rootkit. If it was possible, they would have done it for Windows too, and it would defeat the purpose of anti-cheat. So, just don’t run these games. They don’t worth your security.

    • caseyweederman@lemmy.ca
      link
      fedilink
      arrow-up
      3
      arrow-down
      1
      ·
      3 days ago

      I mean I wouldn’t mind defeating the purpose of anticheat. Let’s all defeat the purpose of anticheat.

  • Mactan@lemmy.ml
    link
    fedilink
    arrow-up
    2
    ·
    4 days ago

    Lightning flashes, sparks shower, in one blink of your eyes you’ve mis-seen.

  • markstos@lemmy.world
    link
    fedilink
    arrow-up
    23
    arrow-down
    1
    ·
    3 days ago

    Yes, we are waiting for the CrowdStrike aha moment where the industry learns the hard way that anticheat with root privileges was a dangerous idea not worth the risks.

  • anon5621@lemmy.ml
    link
    fedilink
    arrow-up
    85
    ·
    4 days ago

    User space level anticheat yes,kernel anticheat no and I actually happy about ,kernel level anticheat behaving literally like malware/rootkit

      • FauxLiving@lemmy.world
        link
        fedilink
        arrow-up
        30
        arrow-down
        1
        ·
        4 days ago

        No, because then you can just run software cheats at kernel level which would be completely undetectable to userspace anti cheat

        • Communist@lemmy.frozeninferno.xyzOP
          link
          fedilink
          English
          arrow-up
          6
          arrow-down
          24
          ·
          4 days ago

          So? I just want the games to run, I don’t care about that side of it at all, that side of it is essentially pointless to me. There were always workarounds anyway, what does it matter?

          • RmDebArc_5@sh.itjust.works
            link
            fedilink
            arrow-up
            30
            ·
            4 days ago

            At that point you might as well not have a kernel level anti cheat and companies who insist on kernel level anti cheat will block wine. The only solutions I see are

            1. Developers mainly use server side anti cheat
            2. They make native Linux games
            3. Distros provide a way to ensure a untainted (signed) kernel
            • Communist@lemmy.frozeninferno.xyzOP
              link
              fedilink
              English
              arrow-up
              3
              ·
              edit-2
              3 days ago

              That would ba a massive win in my book, kernel level anticheat is malware.

              make it so that they can’t block wine without blocking windows and kernel level anticheat is gone

              • gnuhaut@lemmy.ml
                link
                fedilink
                arrow-up
                4
                ·
                3 days ago

                You cannot realistically make it impossible to detect that you’re running on wine. Wine just implements the Windows ABIs. The actual code running is totally different. Even just reading any of the binary code of literally any function would reveal it’s different from the Windows code. How are you going to stop it from doing memory reads on stuff that it needs to be able to read? You can’t. You’d need a full hardware emulator for that.

          • FauxLiving@lemmy.world
            link
            fedilink
            arrow-up
            10
            arrow-down
            1
            ·
            4 days ago

            Developers who use kernel anti-cheat don’t support Linux because userspace anti-cheat is largely pointless. It doesn’t matter if you personally don’t care, the companies that want anti-cheat do care.

            The workaround for kernel anti-cheat requires hundreds of USD in hardware. The workaround for userspace anti-cheat is entirely software.

            Because of this, you will have less cheaters if cheating has a $500 price tag. That’s why kernel anti-cheat is effective, there’s no way for that to be solved with a WINE patch.

            • Communist@lemmy.frozeninferno.xyzOP
              link
              fedilink
              English
              arrow-up
              2
              ·
              edit-2
              3 days ago

              I simply do not believe that it costs that much to cheat with kernel level anticheat.

              kernel level anticheat is pointless malware in my book, let it burn

              • FauxLiving@lemmy.world
                link
                fedilink
                arrow-up
                1
                ·
                3 days ago

                It requires either a Direct Memory Access card and supporting software or a video capture card and enough processing power to run fast image classification for AI aim bots.

                Anything running directly on the PC can be detected by the kernel anti-cheat.

                You can look online for the hardware and prices

              • FauxLiving@lemmy.world
                link
                fedilink
                arrow-up
                1
                ·
                3 days ago

                It doesn’t stop cheating, it just makes cheating require spending a few hundred dollars and dealing with complex hardware setups. This means that relatively few people try.

                Non-kernel anti-cheat can be bypassed by software. So it’s cheap and easily available.

                That’s the only difference. Kernel anti-cheat doesn’t prevent cheating, it just makes it more expensive.

  • WarmApplePieShrek@lemmy.dbzer0.com
    link
    fedilink
    English
    arrow-up
    4
    ·
    3 days ago

    Anticheat detects if you’re running normal Windows or something else.

    If you’re using something else, they won’t let you play the game.

    Wine is something else.

  • Mwa@lemm.ee
    link
    fedilink
    English
    arrow-up
    1
    ·
    1 day ago

    Only anticheat that doesn’t nest itself very deep into the windows kernel.

    • Communist@lemmy.frozeninferno.xyzOP
      link
      fedilink
      English
      arrow-up
      1
      arrow-down
      1
      ·
      4 days ago

      That is something I’m aware of but not what I’m looking for, I’m looking for news about workarounds, preferably new news, if there is any

  • irotsoma@lemmy.blahaj.zone
    link
    fedilink
    arrow-up
    1
    ·
    2 days ago

    Most could, but most are also designed not to because adding a virtualization type of layer allows for ways to circumvent it. Anticheat needs to trust the environment it is running in so it can rely on the information. Wine is designed to replicate things it trusts in Windows, but not actually necessarily replicate the way the kernel actually does those things, so the things they are relying on might not mean the same thing as the do in Windows. So they’d need to analyze and possibly implement things a bit differently. This takes time and money and for companies like this, the customer isn’t the user, so they have little reason to cater to users needs. Pro gaming and a few online game companies are their primary customers and they generally don’t want to support Linux anyway.

    • merthyr1831@lemmy.ml
      link
      fedilink
      English
      arrow-up
      1
      ·
      9 hours ago

      GTAV? I thought there would be more fanfare considering how much coverage the removal of Linux support got

  • notanapple@lemm.ee
    link
    fedilink
    English
    arrow-up
    3
    arrow-down
    1
    ·
    4 days ago

    I wonder if immutable systems could negate the need for kernel anti cheat. If the game can ensure the current kernel and image is one from a list of acceptable ones, it doesn’t need to kernel anti cheat. They could do this by comparing the checksum or something.

    • Communist@lemmy.frozeninferno.xyzOP
      link
      fedilink
      English
      arrow-up
      6
      arrow-down
      24
      ·
      4 days ago

      Yeah but that doesn’t count tbh, if the dev has to give the okay we lose a ton of games, and that isn’t what I’m looking for, the dev shouldn’t be able to know it isn’t running on windows

  • brax@sh.itjust.works
    link
    fedilink
    arrow-up
    10
    ·
    2 days ago

    I hope not. I hope it never does. Windows users are weird enough not giving a shit about installing rootkits on their computer. We don’t want this in Linux. What computer is worth compromising just for some game to determine whether or not you’re cheating at it?

  • GustavoM@lemmy.world
    link
    fedilink
    English
    arrow-up
    3
    arrow-down
    2
    ·
    4 days ago

    Just buy a minipc and use it solely for gaming on Windows if you really need to game.

    • augustus672@lemmy.world
      link
      fedilink
      arrow-up
      2
      arrow-down
      1
      ·
      4 days ago

      No idea why you’ve been down voted. If someone simply must play kernel level anti-cheat games, the best way to do it is on Windows. Developers have made it very clear they do not trust Wine/Proton/Linux and that are market share is simply too small to care.